CVE-2008-1110
CVE-2008-1110
Buffer overflow in demuxers/demux_asf.c (aka the ASF demuxer) in the xineplug_dmx_asf.so plugin in xine-lib before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted ASF header. NOTE: this issue leads to a crash when an attack uses the CVE-2006-1664 exploit code, but it is different from CVE-2006-1664.
Affected products
n/a · n/apublic PoCs found — 1
cve_referencewww.exploit-db.com/exploits/1641unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugs.gentoo.org/show_bug.cgi?id=208100http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset%3Bnode=fb6d089b520dca199ef16a046da28c50c984c2d2%3Bstyle=gitwebhttp://secunia.com/advisories/29141http://secunia.com/advisories/31393http://security.gentoo.org/glsa/glsa-200802-12.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/41019http://sourceforge.net/project/shownotes.php?group_id=9655&release_id=571608https://www.exploit-db.com/exploits/1641http://www.mandriva.com/security/advisories?name=MDVSA-2008:178http://www.ubuntu.com/usn/usn-635-1http://xinehq.de/index.php/newshttp://xinehq.de/index.php/security